Fibre channel address blocking

a technology of filter channel and address block, applied in the field of filter channel computer networks, can solve the problem of unauthorized requests for private data from anyon

Inactive Publication Date: 2006-04-06
IBM CORP
View PDF2 Cites 16 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0007] The invention provides a technique that permits network access to a storage device while monitoring the source address of the requester to determine whether the requester has been authorized to access the data. A blocking device is positioned between the fibre channel address target and the fabric switch controlling the connection of the source and the target. The blocker inspects all incoming frames of data. The blocker checks the source and destination addresses. If a frame of data is detected that is addressed to an uncon

Problems solved by technology

This becomes a problem when one user wants to protect its private data from access from the remainder of the network.
Thus

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Fibre channel address blocking
  • Fibre channel address blocking
  • Fibre channel address blocking

Examples

Experimental program
Comparison scheme
Effect test

second embodiment

[0018] The invention concerns the address blocking in a fibre channel that blocks access by an unauthorized user to confidential data of a second user in a network. The frames of data being transmitted down the fibre channel is inspected incoming to the device that is to be protected. In one embodiment of the invention, the blocking device is placed between a private data storage system and the fibre switch of the user holding the confidential data in his private storage system. In the invention, the blocking device is placed between the fibre switch of the confidential data owner and the confidential owner's network adapter used to access the fibre channel network to the outside world. The blocker includes a comparator that checks the source and authorized addresses thereby permitting access to the owner's private data storage only to authorized users. The blocking device also checks the transmission of data from the private data storage back to the user and again compares the sour...

first embodiment

[0020] Referring now to FIG. 2, an internal FCAL system 100 is shown including a private workstation 102, a public data storage 104 and a private data storage 106 all interconnected to a FCAL loop technology in a hub 108. The blocker 30 of the present invention is shown positioned between a fabric switch 110 and the internal FCAL system 100 on an input fibre channel 112. The fibre switch 110 is shown interconnected through fibre channels to a plurality of public workstations 114. The fabric switch 110 represents an interconnection to many workstations and data storages all external to the internal FCAL system 100. In the embodiment shown in FIG. 2, the invention disclosed in blocker 30 is shown positioned between the incoming fibre channel 112 from the fabric switch 110 and intercepts the frames of data on the fibre channel directed towards the hub 108. In this embodiment, the invention is positioned between the FCAL target represented by the internal FCAL system 100 and the fabric ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

A method and system including apparatus for detecting and blocking an invalid request to a target wherein fibre channels interconnect the data processing configuration. A request made from a hub such as a fabric switch to an internal fibre channel arbitrated loop is blocked by substituting IDLE characters for the frames of data included with the request. The substitution of IDLE signals can also occur within an internal fibre channel arbitrated loop system where access is blocked to a confidential data storage system. If the request is legitimate, the data frames are passed to the target and the requested data is transmitted back to the requester. If the request is refused as being an unauthorized request, the data frames are replaced with IDLE characters and no transfer of confidential data occurs.

Description

BACKGROUND OF THE INVENTION [0001] 1. Technical Field [0002] The invention relates to fibre channel computer networks and more particularly to apparatus and method for preventing unwanted access to data at a target device when an invalid source address is detected. [0003] 2. Description of the Prior Art [0004] Fibre channel is a general name of a new protocol for flexible information transfer. The fibre channel provides a high speed transfer of large amounts of information while providing an interconnection for various interfaces such as central processing units and data storage devices. The fibre channel permits the transporting of multiple protocols over a common physical interface. The channel protocol refers to a peripheral input / output interface to a host computer that transports large amounts of data between the host computer and the peripheral device such as a data storage system. Data transfer is handled in hardware with little or no software involvement once an input / output...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
IPC IPC(8): H04L12/26
CPCH04L12/42H04L69/323Y10S370/906
Inventor AIN, JONATHAN WADEEMBERTY, ROBERT GEORGEKLEIN, CRAIG ANTHONY
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap